1
Candidate: CVE-2017-15135
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15135
6
It was found that 389-ds-base since 1.3.6.1 up to and including 1.4.0.3 did
7
not always handle internal hash comparison operations correctly during the
8
authentication process. A remote, unauthenticated attacker could
9
potentially use this flaw to bypass the authentication process under very
10
rare and specific circumstances.
13
leosilva> code in trusty and xenial are quite different from patch.
21
patch: https://bugzilla.redhat.com/attachment.cgi?id=1388078
22
upstream_389-ds-base: needs-triage
23
precise/esm_389-ds-base: DNE
24
trusty_389-ds-base: needs-triage
25
xenial_389-ds-base: needs-triage
26
artful_389-ds-base: needed
27
bionic_389-ds-base: not-affected
28
devel_389-ds-base: needs-triage